package com.example.websocket.config.websocket;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * 描述: SecurityConfig
 * 包名: com.example.demo.config.websocket
 * 作者: ChenGuop.
 * 日期: 2017/08/24 下午3:18.
 * 项目名称: demo-websocket
 * 版本: 1.0
 * JDK: since 1.8
 */

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter{
  @Override
  protected void configure(HttpSecurity http) throws Exception {
    http
            .authorizeRequests()
            .antMatchers("/","/login").permitAll()//根路径和/login路径不拦截
            .anyRequest().authenticated()
            .and()
            .formLogin()
            .loginPage("/login") //2登陆页面路径为/login
            .defaultSuccessUrl("/chat") //3登陆成功转向chat页面
            .permitAll()
            .and()
            .logout()
            .permitAll();
  }

  //4在内存中配置两个用户 wyf 和 wisely ,密码和用户名一致,角色是 USER
  @Override
  protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth
            .inMemoryAuthentication()
            .withUser("wyf").password("wyf").roles("USER")
            .and()
            .withUser("wisely").password("wisely").roles("USER");
  }
  //5忽略静态资源的拦截
  @Override
  public void configure(WebSecurity web) throws Exception {
    web.ignoring().antMatchers("/resources/static/**");
  }

}